Threat Intelligence Blog

Has Your Company’s Mobile App Gone Rogue?

Posted January 29, 2014

As the number of rogue mobile applications has skyrocketed in recent years, Cyveillance has advised clients that security teams partner with marketing and other stakeholders in the mobile app development process. By having a dedicated, cross-functional team keep track of what has been officially released, and regularly monitoring for unofficial or rogue mobile apps, organizations can protect their customers and their business.
Cyveillance experts have found that in many cases, authorizing mobile apps to only be distributed on GooglePlay and iTunes is not sufficient to stop criminals from “stealing” legitimate apps and offering them on third-party storefronts. Many times, third-party storefronts have limited supervision, if any, to help prevent rogue apps from being offered. When organizations don’t know their official apps are being re-posted on third-party storefronts and monitor for this, it’s easy for outdated or malware- infected versions of apps to make their way to consumers.

Most of the bad apps we see are associated with the Android OS. Confirming this trend, Cisco released a report recently stating that 99 percent of all mobile malware targeted Android devices. The most frequent type of mobile malware found was Andr/Qdplugin-A, which was included in repackaged versions of legitimate apps on third party storefronts. To learn more about rogue mobile apps and how they may be affecting your brand, view our webcast, Six Types of Rogue Mobile Apps and How They’re Hurting Your Brand .